One of Sevco’s core values is “Obsess about customer problems.” That value recently came to the fore with a very real, critical zero-day vulnerability.
On October 16, 2023, Cisco released a security advisory to address a vulnerability (CVE-2023-20198) affecting IOS XE Software Web UI. A cyber threat actor could exploit this vulnerability to take control of an affected device.
For many security teams, the first step to address this (or any other) vulnerability would be to jump into their vulnerability management tool and search for impacted assets. That’s a safe first step—if you have confidence that your vulnerability manager has an updated and comprehensive view of all of your IT assets.
While the Sevco Asset Intelligence Platform is known for its ability to find gaps in security controls coverage, our platform can also be used to quickly and easily hunt for vulnerabilities and vulnerable conditions before they can be exploited, a process we call “vulnerability hunting.”
When we learned about the Cisco IOS XE vulnerability, Sevco’s Customer Success and Field Engineering teams immediately created queries to help customers proactively search for vulnerable devices running the OS within their environments. We leveraged Sevco’s Cross-Asset Search functionality, which enables users to query data in the platform from all sources, across all asset types, and discovered several affected devices in many customer environments. This functionality also enables customers to tag these devices as high-risk for further investigation and remediation.
Many, if not most, of these customers have a vulnerability management solution in place. One in particular stated they had searched their solution and did not find any affected devices. Their solution did not highlight or alert the customer to those impacted devices, so they didn’t realize there was any risk until we alerted them.
When your team needs to find all devices impacted by a vulnerability, Sevco has a major benefit over a single solution like a vulnerability manager: our platform pulls data from all of your existing tools (including your vulnerability manager), providing a more detailed, comprehensive picture of each asset in your environment. Your team can run queries on this aggregated data to identify any assets that might be affected, even if that data is not present in your vulnerability manager.
This is one of the many benefits that Sevco’s four dimensions of asset intelligence provide. Because Sevco aggregates and correlates device data from all of the existing tech stack sources, we can create a unified view of all device data incorporating those sources in a single pane of glass.
With Sevco asset intelligence, we were able to show our customer which specific devices were running the IOS XE Software Web UI so they could quickly mitigate the risk—even when their vulnerability manager did not identify those devices.